Question 1

Criminals exploit vulnerabilities in organizations websites they disagree with and use them to change the home page of the website to a politically charged one to spread their message. This hacktivism type is called

Options :

A : Denial of services

B :

Low Orbit Ion Cannon (LOIC) Program

C : Netstrickes

D :

Web Defacements

Answer: D

Question 2

_______ allows scholars, engineers, auditors, and regulators to examine how security controls operate to ensure their correctness, or identify flaws, without undermining their security.

Options :

A : Least common mechanism

B : Open design

C : Least privilege

D : Least access

Answer: B

Question 3

Malware essentially Codifies the malicious activities intended by an attacker and can be analyzed using the Cyber Kill Chain Model which represents ( iterations of ) steps typically involved in a cybersttack. What is the first step in the Cyber Kill Chain Model that Cyber Attackers Follow ?

Options :

A : Establishing a command-and-control channel for attackers to remotely commander the victims system

B : Reconnaissance is the 1st step where an attacker identifies or attracts the potential targets by scanning

C : Exploiting a vunerability and executing malicious code on the victims system

D : The 1st Step is to gain access to the targets by sending crafted input to trigger a vunerability

Answer: B

Question 4

The Domain NAme System translates domain names, significantly bits of text to IP addresses needed for network communications . The DNS protocol is also a regular DDOs enhancer as it is likely for an attacker to impersonate the IP address of a target in a DNS request , this triggering the DNS server to send unwanted traffic to the target. What other protocols are prone to amplification.

Options :

A :

TCP /IP

B : NTP Network Time Protocol

C : S7 Signifing protocol

D : ARP

Answer: B

Question 5

One of the main benefits of analyzing the malware structure that may include the libraries and toolkits and coding techniques, we may find some important data that is possibly helpful to attribution.

Options :

A : Which means being able to identify the likely author and operator

B : To understand what damage can be done due to the malware program

C : To be able to know the amount of data that has been lost or corrupted

D : Both B and C are correct, and A is incorrect

Answer: A

Confidently Practice Online with Free CSFPC Exam Cram

Buying Options: